OVAL Reference oval:org.opensuse.security:def:52574

Oval Definition:

oval:org.opensuse.security:def:52574

Revision Date:	2020-12-01	Version:	1
Title:	Security update for openldap2 (Moderate)
Description:	This update for openldap2 fixes the following issues: Security issue fixed: - CVE-2019-13565: Fixed an authentication bypass when using SASL authentication and session encryption (bsc#1143194). - CVE-2019-13057: Fixed an issue with delegated database admin privileges (bsc#1143273). - CVE-2017-17740: When both the nops module and the member of overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. (bsc#1073313) Non-security issues fixed: - Fixed broken shebang line in openldap_update_modules_path.sh (bsc#1114845). - Create files in /var/lib/ldap/ during initial start to allow for transactional updates (bsc#1111388) - Fixed incorrect post script call causing tmpfiles creation not to be run (bsc#1111388).
Family:	unix	Class:	patch
Status:		Reference(s):	1065600 1065729 1071995 1073313 1085030 1111388 1114845 1120163 1133021 1143194 1143273 1149032 1152472 1152489 1153274 1154353 1154488 1154492 1155518 1156395 1159058 1160634 1167773 1169790 1171634 1171688 1172108 1172197 1172247 1172418 1172871 1172963 1173468 1173485 1173798 1173813 1173954 1174002 1174003 1174026 1174205 1174247 1174362 1174387 1174484 1174625 1174645 1174689 1174699 1174737 1174757 1174762 1174770 1174771 1174777 1174805 1174824 1174825 1174852 1174865 1174880 1174897 1174906 1174969 1175009 1175010 1175011 1175012 1175013 1175014 1175015 1175016 1175017 1175018 1175019 1175020 1175021 1175052 1175112 1175116 1175128 1175149 1175175 1175176 1175180 1175181 1175182 1175183 1175184 1175185 1175186 1175187 1175188 1175189 1175190 1175191 1175192 1175195 1175199 1175213 1175232 1175263 1175284 1175296 1175344 1175345 1175346 1175347 1175367 1175377 1175440 1175493 1175546 1175550 1175654 1175691 1175768 1175769 1175770 1175771 1175772 1175774 1175775 1175834 1175873 890228 899756 902709 CVE-2007-5970 CVE-2008-7247 CVE-2009-0186 CVE-2009-4019 CVE-2009-4028 CVE-2009-4030 CVE-2010-4341 CVE-2011-0461 CVE-2011-1758 CVE-2011-2483 CVE-2011-2696 CVE-2011-3177 CVE-2011-3200 CVE-2012-2141 CVE-2012-4559 CVE-2012-4560 CVE-2012-4561 CVE-2013-0176 CVE-2013-0219 CVE-2013-0220 CVE-2013-0287 CVE-2013-1976 CVE-2013-1986 CVE-2013-4758 CVE-2013-6370 CVE-2013-6371 CVE-2014-0017 CVE-2014-2284 CVE-2014-2285 CVE-2014-3248 CVE-2014-3565 CVE-2014-3634 CVE-2014-3634 CVE-2014-3683 CVE-2014-4877 CVE-2014-7300 CVE-2014-8132 CVE-2014-9496 CVE-2014-9756 CVE-2015-3146 CVE-2015-5621 CVE-2015-7805 CVE-2015-8075 CVE-2016-1601 CVE-2017-17740 CVE-2018-18065 CVE-2019-13057 CVE-2019-13565 CVE-2020-14314 CVE-2020-14331 CVE-2020-14356 CVE-2020-16166 SUSE-SU-2019:2395-1 SUSE-SU-2020:2486-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Legacy Software 15 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information gnome-shell-3.26.2+20180130.0d9c74212-lp150.2 is installed OR gnome-shell-calendar-3.26.2+20180130.0d9c74212-lp150.2 is installed OR gnome-shell-lang-3.26.2+20180130.0d9c74212-lp150.2 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND haproxy-2.0.5+git0.d905f49a-lp151.2.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND postgresql-8.3.23-0.4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information freetype2-2.3.7-25.34 is installed OR freetype2-32bit-2.3.7-25.34 is installed OR ft2demos-2.3.7-25.34 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information MozillaFirefox-38.5.0esr-28 is installed OR MozillaFirefox-translations-38.5.0esr-28 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-1 is installed OR aaa_base-extras-13.2+git20140911.61c1681-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information gnome-settings-daemon-3.10.2-20 is installed OR gnome-settings-daemon-lang-3.10.2-20 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libsndfile1-1.0.25-25 is installed OR libsndfile1-32bit-1.0.25-25 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND facter-2.4.6-11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libsnmp30-5.7.3-6.3 is installed OR libsnmp30-32bit-5.7.3-6.3 is installed OR net-snmp-5.7.3-6.3 is installed OR perl-SNMP-5.7.3-6.3 is installed OR snmp-mibs-5.7.3-6.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information openldap2-2.4.46-9.19 is installed OR openldap2-back-meta-2.4.46-9.19 is installed OR openldap2-back-perl-2.4.46-9.19 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 SP2 is installed AND Package Information kernel-default-5.3.18-24.12 is installed OR reiserfs-kmp-default-5.3.18-24.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information python-cupshelpers-1.4.5-1 is installed OR system-config-printer-1.4.5-1 is installed OR system-config-printer-common-1.4.5-1 is installed OR system-config-printer-common-lang-1.4.5-1 is installed OR system-config-printer-dbus-service-1.4.5-1 is installed OR udev-configure-printer-1.4.5-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_45-default-6-2 is installed OR kgraft-patch-3_12_74-60_64_45-xen-6-2 is installed OR kgraft-patch-SLE12-SP1_Update_16-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information glib2-lang-2.48.2-10 is installed OR glib2-tools-2.48.2-10 is installed OR libgio-2_0-0-2.48.2-10 is installed OR libgio-2_0-0-32bit-2.48.2-10 is installed OR libglib-2_0-0-2.48.2-10 is installed OR libglib-2_0-0-32bit-2.48.2-10 is installed OR libgmodule-2_0-0-2.48.2-10 is installed OR libgmodule-2_0-0-32bit-2.48.2-10 is installed OR libgobject-2_0-0-2.48.2-10 is installed OR libgobject-2_0-0-32bit-2.48.2-10 is installed OR libgthread-2_0-0-2.48.2-10 is installed OR libgthread-2_0-0-32bit-2.48.2-10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information gpg2-2.0.24-9.3 is installed OR gpg2-lang-2.0.24-9.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kernel-default-4.4.121-92.85 is installed OR kernel-default-base-4.4.121-92.85 is installed OR kernel-default-devel-4.4.121-92.85 is installed OR kernel-devel-4.4.121-92.85 is installed OR kernel-macros-4.4.121-92.85 is installed OR kernel-source-4.4.121-92.85 is installed OR kernel-syms-4.4.121-92.85 is installed OR kgraft-patch-4_4_121-92_85-default-1-3.5 is installed OR kgraft-patch-SLE12-SP2_Update_23-1-3.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libvirt-2.0.0-27.42 is installed OR libvirt-client-2.0.0-27.42 is installed OR libvirt-daemon-2.0.0-27.42 is installed OR libvirt-daemon-config-network-2.0.0-27.42 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed OR libvirt-daemon-driver-network-2.0.0-27.42 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed OR libvirt-daemon-hooks-2.0.0-27.42 is installed OR libvirt-daemon-lxc-2.0.0-27.42 is installed OR libvirt-daemon-qemu-2.0.0-27.42 is installed OR libvirt-daemon-xen-2.0.0-27.42 is installed OR libvirt-doc-2.0.0-27.42 is installed OR libvirt-lock-sanlock-2.0.0-27.42 is installed OR libvirt-nss-2.0.0-27.42 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information MozillaFirefox-52.2.0esr-108 is installed OR MozillaFirefox-translations-52.2.0esr-108 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information ghostscript-9.27-23.28 is installed OR ghostscript-x11-9.27-23.28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information nfs-client-1.3.0-34.22 is installed OR nfs-doc-1.3.0-34.22 is installed OR nfs-kernel-server-1.3.0-34.22 is installed OR nfs-utils-1.3.0-34.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND libcares2-1.9.1-9.4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information MozillaFirefox-60.7.2-109.80 is installed OR MozillaFirefox-devel-60.7.2-109.80 is installed OR MozillaFirefox-translations-common-60.7.2-109.80 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information glib2-2.48.2-12.15 is installed OR glib2-lang-2.48.2-12.15 is installed OR glib2-tools-2.48.2-12.15 is installed OR libgio-2_0-0-2.48.2-12.15 is installed OR libgio-2_0-0-32bit-2.48.2-12.15 is installed OR libglib-2_0-0-2.48.2-12.15 is installed OR libglib-2_0-0-32bit-2.48.2-12.15 is installed OR libgmodule-2_0-0-2.48.2-12.15 is installed OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed OR libgobject-2_0-0-2.48.2-12.15 is installed OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed OR libgthread-2_0-0-2.48.2-12.15 is installed OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information crowbar-5.0+git.1528696845.81a7b5d0-3.3 is installed OR crowbar-core-5.0+git.1533887407.6e9b0412d-3.8 is installed OR crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8 is installed OR crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3 is installed OR crowbar-ha-5.0+git.1530177874.35b9099-3.3 is installed OR crowbar-init-5.0+git.1520420379.d5bbb35-3.3 is installed OR crowbar-openstack-5.0+git.1534167599.d325ef804-4.8 is installed OR crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3 is installed

BACK